Pretty Good Privacy
Symmetric cryptography—Alice wants to send Bob a secret message. They both agree on a single password to use as an encryption/decryption key. Alice can use that key to encrypt data to send to Bob, and Bob can use that key to decrypt data received from Alice. Mathematically, a symmetric cipher is a one-to-one function that is easily invertible—apply the function to encrypt data, or apply its inverse decrypt data. The key describes the characteristics of the function; without the key, one cannot determine the function or its inverse.
Symmetric cryptography has some disadvantages:
- At the very beginning, when Alice and Bob initially exchanged the key, the exchange could have been transparently intercepted by a third party (assume Alice and Bob were not using a secure channel to exchange the key because that is precisely what we are trying to build!). With a stolen key, a third party can eavesdrop on Alice or Bob, and even pretend to be Alice or Bob.
- It is unwieldy for large groups of people to communicate privately, since the number of keys is polynomial with the number of people (recall the number of edges in a complete graph of n nodes):
# people # keys 2 1 3 3 4 6 5 10 6 15 n n(n-1)/2
Public-key (asymmetric) cryptography—